Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A274A659B111F09EEDCEB4DAE4EC9C.roa
File: 36A274A659B111F09EEDCEB4DAE4EC9C.roa (raw, json)
Hash identifier: AavE3RUxZM2u2K4XvOK88fe6cAjCabsRB8Xk1gmq8v4=
Subject key identifier: 89:42:D2:C2:AF:C0:86:89:48:5C:E1:CB:3B:B6:22:74:1C:50:F0:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018B10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A274A659B111F09EEDCEB4DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 15:03:31 +0000
ROA not before: Sat 05 Jul 2025 15:03:26 +0000
ROA not after: Fri 17 Jul 2026 15:03:26 +0000
asID: 395886
IP address blocks: 154.193.192.0/18 maxlen: 24
154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Jul 2025 20:51:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101136 (0x18b10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 5 15:03:26 2025 GMT
Not After : Jul 17 15:03:26 2026 GMT
Subject: CN=68693ec3-9cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:e6:98:89:82:3b:80:ae:f6:b0:6a:7b:1d:
15:16:82:e4:99:62:44:21:18:68:9d:ad:b3:2f:1c:
bb:b7:44:c1:f1:64:6c:84:92:ea:a8:b4:48:34:88:
7f:b5:5d:f2:78:94:4c:cd:5c:ec:36:d0:15:18:10:
f2:c9:9d:e1:02:9e:2c:28:33:40:16:25:f7:99:15:
63:99:c9:97:26:56:0f:c2:34:f1:14:e7:6c:ee:11:
b8:e7:55:82:b9:7b:b2:08:0b:90:82:d5:2c:b7:6a:
98:07:9b:88:84:51:f7:93:84:21:ce:c5:da:e1:17:
a6:4c:6b:70:85:3a:ed:21:15:4e:54:f7:88:1c:90:
ae:00:ee:80:29:a5:2c:f9:ca:3d:6d:f8:49:11:f8:
1a:c7:e0:dd:25:ed:90:4f:10:e8:f8:7c:18:1d:fd:
fa:97:de:39:fc:72:a1:7f:d1:ac:18:57:ff:bf:f3:
9e:14:e3:44:55:1b:c6:69:35:60:2e:64:a8:d1:90:
8b:03:45:3b:54:31:19:c8:80:79:21:0b:04:dd:00:
c2:2a:01:59:ec:bf:b9:3e:61:f5:c8:bd:98:5e:7e:
2b:7c:39:0e:07:3e:f8:7c:03:d4:33:05:ad:fa:d4:
d7:92:59:a4:ff:fa:40:86:64:22:2e:2a:3e:b2:69:
39:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:42:D2:C2:AF:C0:86:89:48:5C:E1:CB:3B:B6:22:74:1C:50:F0:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36A274A659B111F09EEDCEB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.192.0/18
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
7f:3c:81:f0:37:ba:e6:54:b1:d2:72:b9:73:75:0c:5a:0b:3c:
c8:44:20:06:09:28:1e:9a:3d:98:96:23:20:a5:e1:72:f1:75:
db:d8:92:ad:df:ef:79:3e:8a:92:f0:34:82:86:e1:c2:14:3e:
1b:bd:2f:06:b3:cd:fb:da:3b:2e:cb:4e:17:34:49:ee:71:b6:
f8:fe:29:67:76:98:f0:4d:a0:5d:6b:74:1b:e0:6d:10:9e:63:
9b:80:a9:86:2e:93:b5:2c:f1:ba:9e:f4:66:b7:02:88:a5:95:
e9:7e:11:ce:89:14:49:f5:5f:78:1c:1a:34:cb:10:e6:a9:06:
f4:67:ac:d2:fa:9c:32:44:d2:d1:32:5d:a8:91:c0:1b:29:0f:
6d:35:0b:90:ac:37:c9:c2:8f:01:57:eb:5a:96:39:33:b9:fb:
59:48:6b:aa:f3:81:8b:8f:1c:e8:cd:6a:30:d7:22:10:50:80:
cd:26:ef:ce:77:9d:2e:63:a7:16:3c:37:42:89:0a:b1:39:f7:
a7:64:89:27:bd:bf:da:12:28:80:ad:d3:c9:6a:c4:46:8c:a5:
b7:df:79:ac:91:5e:10:24:a7:d1:fa:4b:82:67:b7:b8:f8:cb:
29:e7:5e:1e:ad:94:8c:b5:ab:63:13:6d:c1:dd:fd:59:2f:bd:
36:1e:f3:5e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAYsQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA1MTUwMzI2WhcNMjYwNzE3MTUwMzI2WjAYMRYw
FAYDVQQDEw02ODY5M2VjMy05Y2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvcnmmImCO4Cu9rBqex0VFoLkmWJEIRhona2zLxy7t0TB8WRshJLqqLRI
NIh/tV3yeJRMzVzsNtAVGBDyyZ3hAp4sKDNAFiX3mRVjmcmXJlYPwjTxFOds7hG4
51WCuXuyCAuQgtUst2qYB5uIhFH3k4QhzsXa4RemTGtwhTrtIRVOVPeIHJCuAO6A
KaUs+co9bfhJEfgax+DdJe2QTxDo+HwYHf36l945/HKhf9GsGFf/v/OeFONEVRvG
aTVgLmSo0ZCLA0U7VDEZyIB5IQsE3QDCKgFZ7L+5PmH1yL2YXn4rfDkOBz74fAPU
MwWt+tTXklmk//pAhmQiLio+smk59QIDAQABo4ICvjCCArowHQYDVR0OBBYEFIlC
0sKvwIaJSFzhyzu2InQcUPDnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkEyNzRBNjU5QjExMUYwOUVFRENFQjREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQGmsHAAwQAmsp1AwQDmsp4
MAsDBAGa2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAfzyB8De65lSx0nK5c3UM
Wgs8yEQgBgkoHpo9mJYjIKXhcvF129iSrd/veT6KkvA0gobhwhQ+G70vBrPN+9o7
LstOFzRJ7nG2+P4pZ3aY8E2gXWt0G+BtEJ5jm4Cphi6TtSzxup70ZrcCiKWV6X4R
zokUSfVfeBwaNMsQ5qkG9Ges0vqcMkTS0TJdqJHAGykPbTULkKw3ycKPAVfrWpY5
M7n7WUhrqvOBi48c6M1qMNciEFCAzSbvznedLmOnFjw3QokKsTn3p2SJJ72/2hIo
gK3TyWrERoylt995rJFeECSn0fpLgme3uPjLKedeHq2UjLWrYxNtwd39WS+9Nh7z
Xg==
-----END CERTIFICATE-----
Generated at Sun Jul 6 02:45:34 2025 by rpki-client